﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Data.SqlClient;

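/// <summary>
/// Code-behind for the login page: checks the submitted credentials against
/// tbLogin, records the user in the session-held <c>Authentication</c> object
/// and redirects to the landing page that matches the user's privilege.
/// </summary>
public partial class Login : System.Web.UI.Page
{
    // Not used by the handlers in this part of the partial class; kept in case
    // another part of the class refers to them.
    Authentication authentication;
    SqlConnection connection;

    /// <summary>Page load handler; there is nothing to initialise on first load or on postback.</summary>
    protected void Page_Load(object sender, EventArgs e)
    {
    }

    /// <summary>
    /// Handles the login button: looks up the username/password pair and, on a
    /// match, fills in the session login state and redirects by privilege.
    /// </summary>
    /// <param name="sender">The control that raised the event.</param>
    /// <param name="e">Event data (unused).</param>
    protected void btLogin_Click(object sender, EventArgs e)
    {
        string redirectUrl = null;

        try
        {
            // The textbox values are untrusted input. They are bound as parameters so
            // they can never be interpreted as SQL text, unlike string concatenation.
            // NOTE(review): the query compares the submitted password directly with the
            // [Password] column, which suggests passwords are stored unhashed. Moving to
            // a salted password hash (e.g. PBKDF2) needs a schema/data migration and is
            // outside what this handler can fix on its own.
            const string sql = "SELECT * FROM tbLogin WHERE [Username] = @username AND [Password] = @password";

            using (SqlConnection loginConnection = new SqlConnection(GlobalConstant.CONNECTION_STRING))
            using (SqlCommand cmd = new SqlCommand(sql, loginConnection))
            {
                cmd.Parameters.Add("@username", SqlDbType.NVarChar).Value = txtUsername.Text;
                cmd.Parameters.Add("@password", SqlDbType.NVarChar).Value = txtPassword.Text;

                loginConnection.Open();
                using (SqlDataReader reader = cmd.ExecuteReader())
                {
                    if (!reader.Read())
                    {
                        // Same message for unknown user and wrong password, so the
                        // response does not reveal which usernames exist.
                        lbLoginSatus.Text = "Sai tên đăng nhập hoặc mật khẩu!";
                        return;
                    }

                    Authentication auth = (Authentication)Session[GlobalConstant.LOGIN_STATE];
                    if (auth == null)
                    {
                        // Fail closed with a clear log entry instead of a bare NullReferenceException.
                        throw new InvalidOperationException("Session login state is missing.");
                    }

                    // NOTE(review): ordinals 3 and 4 depend on the column order of tbLogin
                    // because the query uses SELECT *; naming the columns would be safer.
                    auth.userID = reader.GetInt32(3);
                    auth.username = txtUsername.Text;
                    auth.privilege = reader.GetInt32(4);
                    // NOTE(review): the session identifier is not rotated here after a
                    // successful login; confirm whether that is handled elsewhere.

                    switch (auth.privilege)
                    {
                        case Authentication.MEDICALDIRECTOR:
                            redirectUrl = "~/Management/MedicalDirector/MedicalDirector.aspx";
                            break;
                        case Authentication.PERSONNELOFFICER:
                            redirectUrl = "~/Management/PersonnelOfficer/PersonnelOfficer.aspx";
                            break;
                        case Authentication.CHARGENURSE:
                            redirectUrl = "~/Management/ChargeNurse/ChargeNurse.aspx";
                            break;
                        case Authentication.NURSE:
                            redirectUrl = "~/Management/Nurse/NurseManager.aspx";
                            break;
                    }
                }
            }
        }
        catch (Exception ex)
        {
            // Keep the details (stack trace, SQL error text, server names) on the server;
            // the visitor only sees a generic message:
            // "An error occurred while logging in. Please try again later."
            System.Diagnostics.Trace.TraceError("Login failed with an unexpected error: {0}", ex);
            lbLoginSatus.Text = "Đã xảy ra lỗi khi đăng nhập. Vui lòng thử lại sau.";
            lbLoginSatus.Enabled = true;
            return;
        }

        // Response.Redirect(url) ends the response by aborting the request thread.
        // Calling it outside the try block keeps that abort out of the catch-all
        // handler and ensures the reader and connection are already disposed.
        if (redirectUrl != null)
        {
            Response.Redirect(redirectUrl);
        }
    }
}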